ActivCard Gets Physical (Security) with Linux - page 2

If This Had Been an Actual Emergency

June 26, 2003

By
Brian Proffitt

Smart cards are one of those things that has been around for quite
some time, but widespread adoption (especially here in the US) has not
taken off by leaps and bounds. In Europe, smart card technology is
used in far more public applications, such as a wallet card, where
certain values (usually of currency) are stored on the card and are
credited or debited as the situation dictates.

Security on smart cards are provided by the fact they are not just
simple cards with magnetic information encoded on strips, which is
commonly used on credit cards or many physical-access key cards. Such
cards have their information stored entirely on those strips, which
can easily "sniffed" by anyone with a magnetic reader.

Smart cards, on the other hand, store memory within the card itself,
typically with a processor and memory unit. Information is closely
held, usually with cryptographic tokens. Unless the tokens on the card
and the system that's trying to read it match, that information will
stay on the card.

Besides security, magnetic cards have another important disadvantage over
smart card: the information stored upon them is necessarily
static. Credit cards hold account number, expiration date, and some
proprietary company identification--and that's pretty much it. All of
the data about your account is actually stored on a computer somewhere
in the depths of your credit card's bank. Hence, the need to dialup
the server for authentication every time you buy something at the
store.

With the processor on board the smart card, there is the capability of
dynamic storage, which can keep any kind of data, such as currency,
medical records--any information that's important and likely to be
updated from time to time.

So far, the real obstacle for wider implementation of smart cards are
their cost. A simple magnetic-strip card costs about 7 cents, while a
smart card can cost out at around US $1.

Another obstacle to their deployment has been that up until now, their
use in the enterprise simply has not been a high priority for IT
workers. But, according to ActivCard's David Putnam, this hesitancy is
rapidly changing, due in large part to the early adoption
characteristics of the tech-hungry U.S. military.